/*
* Licensed under the MIT License
* 
* Copyright (c) 2010 Kay Kreuning
* 
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
* 
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
* 
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
* THE SOFTWARE.
* 
* http://code.google.com/p/as3hyvesapi
*/
package nl.hyves.api.sessions
{
	import flash.external.ExternalInterface;
	import flash.net.URLRequest;
	import flash.net.navigateToURL;
	
	import nl.hyves.api.HyvesService;
	import nl.hyves.api.errors.HyvesError;
	import nl.hyves.api.methods.PublicMethods;
	import nl.hyves.api.utils.AuthUtil;
	import nl.hyves.api.utils.TokenStore;
	
	public class PopupSession implements ISession
	{
		private static const AUTHORIZE_ENDPOINT:String = "http://www.hyves.nl/api/authorize/";
		
		public static const EXPIRATIONTYPE_DEFAULT:String = "default";
		public static const EXPIRATIONTYPE_INFINITE:String = "infinite";
		public static const EXPIRATIONTYPE_USER:String = "user";
		
		protected var methods:Array;
		protected var callbackURL:String;
		protected var expirationType:String;
		protected var forceNewToken:Boolean;
		protected var service:HyvesService;
		protected var callback:Function;
		
		public function PopupSession(methods:Array, callbackURL:String, expirationType:String = EXPIRATIONTYPE_DEFAULT, forceNewToken:Boolean = false)	// TODO: Add a default callbackURL
		{
			this.methods = methods;
			this.callbackURL = callbackURL;
			this.expirationType = expirationType;
			this.forceNewToken = forceNewToken;
		}
		
		/**
		 * @inheritDoc
		 */
 		public function connect(service:HyvesService, callback:Function):void
		{
			this.service = service;
			this.callback = callback;
			
			if (TokenStore.has(service.id) && !forceNewToken)
			{
				callback(TokenStore.get(service.id), null);
			}
			else
			{
				var parameters:Object = {
					methods: methods.join(","),
					expirationtype: expirationType
				};
				
				service.call(PublicMethods.auth_requesttoken, onRequesttoken, parameters);
			}
		}
		
		/**
		 * Exchange the current requesttoken for an accesstoken.
		 * When using the hyvesBridge javascript this method is invoked automatically.
		 */
		public function exchangeTokens():void
		{
			service.call(PublicMethods.auth_accesstoken, onAccesstoken);
		}
		
		private function onRequesttoken(result:Object, error:HyvesError):void
		{
			if (error)
			{
				callback(null, error);
				return;
			}
			
			var accesstoken:OAuthToken = AuthUtil.extractToken(OAuthToken.REQUESTTOKEN, result);
			
			callback(accesstoken, null);
			
			var url:String = AUTHORIZE_ENDPOINT + "?oauth_token=" + encodeURIComponent(accesstoken.token) + 
				"&oauth_callback=" + encodeURIComponent(callbackURL);
			
			if (ExternalInterface.available && ExternalInterface.call("HyvesBridge.available"))
			{
				ExternalInterface.addCallback("setVerifier", onTokenAuthorized);
				ExternalInterface.call("HyvesBridge.callAuthorize", url);
			}
			else
			{
				// Resort to a native Flash 'popup', note that we now have to invoke exchangeTokens() manually
				
				navigateToURL(new URLRequest(url));
			}
		}
		
		private function onTokenAuthorized(response:String):void
		{
			var token:String = decodeURIComponent(response.match(/(?<=oauth_token).*(?=&oauth_verifier)/g)[0]);	// TODO: Do the parsing of the token and verifier in JS
			var verifier:String = decodeURIComponent(response.match(/(?<=oauth_verifier=)\w+/g)[0]);
			
			service.call(PublicMethods.auth_accesstoken, onAccesstoken, {oauth_token: token, oauth_verifier: verifier});
		}
		
		private function onAccesstoken(result:Object, error:HyvesError):void
		{
			if (error)
			{
				callback(null, error);
				return;
			}
			
			var token:OAuthToken = AuthUtil.extractToken(OAuthToken.ACCESSTOKEN, result);
			
			TokenStore.set(service.id, token);
			
			callback(token, null);
		}
	}
}